CVE-2002-1580
7.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.393 Low
EPSS
Percentile
97.2%
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
References
asg.web.cmu.edu/cyrus/download/imapd/changes.html
distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000557
distro.conectiva.com/atualizacoes/?id=a&anuncio=000557
www.debian.org/security/2002/dsa-215
www.kb.cert.org/vuls/id/740169
www.securityfocus.com/archive/1/301864
www.securityfocus.com/bid/6298
exchange.xforce.ibmcloud.com/vulnerabilities/10744
Related
7.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.393 Low
EPSS
Percentile
97.2%